From acc7aa6848076c9b0f9a01ec32dc8807b6b76af7 Mon Sep 17 00:00:00 2001
From: Marko Korhonen
Date: Tue, 4 Apr 2023 01:00:48 +0300
Subject: [PATCH] Add some common security headers for all sites
---
 docker/caddy/Caddyfile | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/docker/caddy/Caddyfile b/docker/caddy/Caddyfile
index 7c4b632d..fa9cde86 100644
--- a/docker/caddy/Caddyfile
+++ b/docker/caddy/Caddyfile
@@ -5,7 +5,11 @@ korhonen.cc, *.korhonen.cc {
 }
 header {
- Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
+ Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
+ X-Frame-Options DENY
+ X-XSS-Protection 0
+ X-Content-Type-Options nosniff
+ Referrer-Policy strict-origin-when-cross-origin
 }
 @homepage host korhonen.cc
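Review bot: The four new fields in `header { … }` are plain, non-deferred set operations on a block that covers both `korhonen.cc` and `*.korhonen.cc`, so they apply to every site. If any of those sites proxies to a backend that already sends `X-Frame-Options` or `Referrer-Policy` (not visible in this hunk), the response may carry both values, and a service that relies on same-origin framing will be blocked by `DENY`. The precedence should be explicit: `>X-Frame-Options DENY` makes the proxy value win when the response is written, while `?X-Frame-Options DENY` applies it only when the backend sets none; the same choice applies to the other three fields. `X-Frame-Options` is also the legacy control, so `Content-Security-Policy "frame-ancestors 'none'"` could be added alongside it as the current equivalent. The enclosing site block starts and ends outside the hunk.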